This repository contains the public work I produced, wheter it is research, post, slides, sometimes videos, and materials of my talks.
☆52Aug 3, 2025Updated 7 months ago
Alternatives and similar repositories for Publications
Users that are interested in Publications are comparing it to the libraries listed below
Sorting:
- This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-…☆17Sep 26, 2025Updated 5 months ago
- ☆22Dec 1, 2025Updated 3 months ago
- Integer overflow in FreeType software, which also affects Chrome☆28Aug 27, 2025Updated 6 months ago
- AyedFuzzer is a small File-Format-Fuzzer with 3 options (File-mutating, WinDbg-interactive monitor, multi-processing) for windows executa…☆17Dec 2, 2024Updated last year
- Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8.☆107Feb 12, 2025Updated last year
- This repository contains PoC for CVE-2024-7965. This is the vulnerability in the V8 that occurs only within ARM64.☆49Sep 16, 2024Updated last year
- Advanced exploits that I wrote for Pwn2Own competitions and other occasions☆169Mar 23, 2024Updated last year
- asnfuzzgen - ASN.1 Structure-Aware Fuzzing Compiler☆52Aug 27, 2024Updated last year
- Userland exec PoC to be used as attack vector technique☆96Oct 23, 2025Updated 4 months ago
- A tool combining DWARF info and source to search for kernel heap objects☆24Dec 23, 2025Updated 2 months ago
- ☆47May 13, 2024Updated last year
- A Pwn2Own 2024 SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE☆95Feb 12, 2025Updated last year
- Modular and extensible library for Virtual Machine Introspection☆119Updated this week
- Atlassian Confluence Server 7.5.1 Pre-Authorization Arbitrary File Read vulnerability (CVE-2021-26085)☆14Oct 12, 2021Updated 4 years ago
- Atlassian Jira Server/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086)☆25Oct 12, 2021Updated 4 years ago
- Mega repo for exploit development. Contains individual exploits and libraries to assist during exploitation☆46Jun 17, 2022Updated 3 years ago
- Bump your ida python script automatically!☆31Apr 19, 2025Updated 10 months ago
- ☆82Aug 30, 2024Updated last year
- REcon 2024 Repo, slides for talk "GOP Complex: Image parsing bugs, EBC polymorphic engines and the Deus ex machina of UEFI exploit dev""☆14Mar 31, 2025Updated 11 months ago
- some AV / EDR / analysis studies☆10May 21, 2023Updated 2 years ago
- ☆55Aug 26, 2022Updated 3 years ago
- Docker projects to retain beacon source IPs using C2 relaying infra☆11Feb 25, 2019Updated 7 years ago
- ☆11May 17, 2024Updated last year
- ☆71Jul 24, 2025Updated 7 months ago
- Documentation for Vilo router vulnerability research☆15Oct 21, 2024Updated last year
- Exploit for CVE-2024-5009☆13Jul 8, 2024Updated last year
- ☆19Nov 26, 2024Updated last year
- ☆35Aug 30, 2024Updated last year
- ☆18Sep 29, 2023Updated 2 years ago
- Exploits for a heap overflow in MiniDLNA <=1.3.2 (CVE-2023-33476)☆19Jun 20, 2023Updated 2 years ago
- Security Vulnerability Repair via Concolic Execution and Code Mutations☆19Sep 12, 2024Updated last year
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Pishi is a code coverage tool like kcov for macOS.☆75Apr 17, 2025Updated 10 months ago
- Binary code coverage visualizer plugin for Ghidra - just without crashes on unknown insns☆20Nov 2, 2024Updated last year
- CVE-2024-8381: A SpiderMonkey Interpreter Type Confusion Bug.☆15Feb 12, 2025Updated last year
- Resolves the IP addresses of ePDGs from most mobile operators in the world and checks if each ePDG responds to ICMP and whether it accept…☆17May 12, 2023Updated 2 years ago
- A framework for identifying vulnerabilities in VS Code extensions☆19Jul 9, 2024Updated last year
- ☆20Jan 14, 2026Updated last month
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year